[ http://issues.apache.org/jira/browse/DERBY-1229?page=comments#action_12377039 ]
Kathey Marsden commented on DERBY-1229: --------------------------------------- I am concerned about adding this line to the test policy file. Does this mean that permission java.lang.RuntimePermission "getProtectionDomain"; is now required for the product or is it just for sysinfo? I have three concerns. 1) This is a fairly dangerous permission. 2) Policy files are often site specific and difficult to modify in a product roll out scenario to require new permissions . 3) Such a change breaks backward compatibility in my view as this permission has not been required before. 4) Even if the permission is just for sysinfo, if you add it to the derby_tests.policy file it means that a new change could make the product require it and we would catch it. Even for sysinfo I didn't like this, but since right now it is only really suitable as a command-line tool, I thought maybe it was ok. I am starting to think that maybe sysinfo should at least print abbreviated information and a warning if it could not do whatever it is trying to do with getProtectionDomain instead of giving this error. Kathey > sysinfo and sysinfo_withproperties.java fail with java.lang.RuntimePermission > getProtectionDomain when db2jcc.jar is in same dir as the derby-jars > -------------------------------------------------------------------------------------------------------------------------------------------------- > > Key: DERBY-1229 > URL: http://issues.apache.org/jira/browse/DERBY-1229 > Project: Derby > Type: Test > Components: Security, Test, Tools > Versions: 10.2.0.0 > Environment: Solaris 10 x86 > Sun JDK > java version "1.5.0_06" > Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_06-b05) > Java HotSpot(TM) Client VM (build 1.5.0_06-b05, mixed mode, sharing) > Reporter: Vemund Østgaard > Priority: Minor > > The problem I've been seeing is that if I run: > java -Dframework=DerbyNetClient > org.apache.derbyTesting.functionTests.harness.RunTest derbynet/sysinfo.java > in a configuration where my db2jcc.jar is located in the same directory as > all the other derby-jars, then the test fails with a diff caused by a > RuntimeException. If I change nothing else then moving that db2jcc.jar out of > that directory (and making the appropriate classpath change) then the test > succeeds. > The reason is that the test fails to get the permission for doing > getProtectionDomain().getCodeSource() on class com.ibm.db2.jcc.DB2Driver. > Below follows relevant output from my system that might be useful to debug > this: > --- > [EMAIL PROTECTED]:~/tmp/test> env |grep CLAS > CLASSPATH=/home/vo136787/derby/tmp/testbuild/lib/derby.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyTesting.jar:/home/vo136787/derby/tmp/testbuild/lib/derbytools.jar:/home/vo136787/derby/tmp/testbuild/lib/derbynet.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyclient.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyrun.jar:/home/vo136787/derby/tmp/testbuild/lib/junit.jar:/home/vo136787/derby/tmp/testbuild/lib/db2jcc.jar:/home/vo136787/derby/tmp/testbuild/lib/db2jcc_license_c.jar:/home/vo136787/derby/tmp/testbuild/lib/jakarta-oro-2.0.8.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_de_DE.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_es.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_fr.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_it.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_ja_JP.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_ko_KR.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_pt_BR.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_zh_CN.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_zh_TW.jar > [EMAIL PROTECTED]:~/tmp/test> java -Dframework=DerbyNetClient > org.apache.derbyTesting.functionTests.harness.RunTest derbynet/sysinfo.java > *** Start: sysinfo jdk1.5.0_06 DerbyNetClient 2006-04-19 13:00:33 *** > Initialize for framework: DerbyNetClient > java -Dderby.system.home=/home/vo136787/tmp/test/DerbyNetClient/sysinfo > -Djava.security.manager > -Djava.security.policy=/home/vo136787/tmp/test/derby_tests.policy > -DderbyTesting.codejar=file:/home/vo136787/derby/tmp/testbuild/lib/ > -DderbyTesting.codedir=/home/vo136787/derby/tmp/testbuild/lib > -DderbyTesting.serverhost=localhost -DderbyTesting.clienthost=localhost > -DderbyTesting.codeclasses=file://unused/ > org.apache.derby.drda.NetworkServerControl start > -- SecurityManager not installed -- > Attempt to shutdown framework: DerbyNetClient > 14a15 > > [Unable to access Protection Domain or Code Source for class class > > com.ibm.db2.jcc.DB2Driver: access denied (java.lang.RuntimePermission > > getProtectionDomain)] 2.4 - (17) > 41a43 > > [Unable to access Protection Domain or Code Source for class class > > com.ibm.db2.jcc.DB2Driver: access denied (java.lang.RuntimePermission > > getProtectionDomain)] 2.4 - (17) > 69a72 > > [Unable to access Protection Domain or Code Source for class class > > com.ibm.db2.jcc.DB2Driver: access denied (java.lang.RuntimePermission > > getProtectionDomain)] 2.4 - (17) > Test Failed. > *** End: sysinfo jdk1.5.0_06 DerbyNetClient 2006-04-19 13:00:40 *** > [EMAIL PROTECTED]:~/tmp/test> java org.apache.derby.tools.sysinfo > ------------------ Java Information ------------------ > Java Version: 1.5.0_06 > Java Vendor: Sun Microsystems Inc. > Java home: /usr/jdk/instances/jdk1.5.0/jre > Java classpath: > /home/vo136787/derby/tmp/testbuild/lib/derby.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyTesting.jar:/home/vo136787/derby/tmp/testbuild/lib/derbytools.jar:/home/vo136787/derby/tmp/testbuild/lib/derbynet.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyclient.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyrun.jar:/home/vo136787/derby/tmp/testbuild/lib/junit.jar:/home/vo136787/derby/tmp/testbuild/lib/db2jcc.jar:/home/vo136787/derby/tmp/testbuild/lib/db2jcc_license_c.jar:/home/vo136787/derby/tmp/testbuild/lib/jakarta-oro-2.0.8.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_de_DE.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_es.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_fr.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_it.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_ja_JP.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_ko_KR.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_pt_BR.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_zh_CN.jar:/home/vo136787/derby/tmp/testbuild/lib/derbyLocale_zh_TW.jar > OS name: SunOS > OS architecture: x86 > OS version: 5.10 > Java user name: vo136787 > Java user home: /home/vo136787 > Java user dir: /home/vo136787/tmp/test > java.specification.name: Java Platform API Specification > java.specification.version: 1.5 > --------- Derby Information -------- > JRE - JDBC: J2SE 5.0 - JDBC 3.0 > [/home/vo136787/derby/tmp/testbuild/lib/derby.jar] 10.2.0.0 alpha - (394991) > [/home/vo136787/derby/tmp/testbuild/lib/derbytools.jar] 10.2.0.0 alpha - > (394991) > [/home/vo136787/derby/tmp/testbuild/lib/derbynet.jar] 10.2.0.0 alpha - > (394991) > [/home/vo136787/derby/tmp/testbuild/lib/derbyclient.jar] 10.2.0.0 alpha - > (394991) > [/home/vo136787/derby/tmp/testbuild/lib/db2jcc.jar] 2.4 - (17) > [/home/vo136787/derby/tmp/testbuild/lib/db2jcc_license_c.jar] 2.4 - (17) > ------------------------------------------------------ > ----------------- Locale Information ----------------- > Current Locale : [English/United States [en_US]] > Found support for locale: [de_DE] > version: 10.2.0.0 alpha - (394991) > Found support for locale: [es] > version: 10.2.0.0 alpha - (394991) > Found support for locale: [fr] > version: 10.2.0.0 alpha - (394991) > Found support for locale: [it] > version: 10.2.0.0 alpha - (394991) > Found support for locale: [ja_JP] > version: 10.2.0.0 alpha - (394991) > Found support for locale: [ko_KR] > version: 10.2.0.0 alpha - (394991) > Found support for locale: [pt_BR] > version: 10.2.0.0 alpha - (394991) > Found support for locale: [zh_CN] > version: 10.2.0.0 alpha - (394991) > Found support for locale: [zh_TW] > version: 10.2.0.0 alpha - (394991) > ------------------------------------------------------ > [EMAIL PROTECTED]:~/tmp/test> java org.apache.derby.tools.sysinfo -cp > Testing for presence of all Derby-related libraries; typically, only some are > needed. > For a list of possible arguments, type java org.apache.derby.tools.sysinfo > -cp args > FOUND IN CLASS PATH: > Derby embedded engine library (derby.jar) > /home/vo136787/derby/tmp/testbuild/lib/derby.jar > Derby embedded engine library (derby.jar) > /home/vo136787/derby/tmp/testbuild/lib/derby.jar > Derby Network Server library (derbynet.jar) > /home/vo136787/derby/tmp/testbuild/lib/derbynet.jar > Derby Client libraries (db2jcc.jar) > /home/vo136787/derby/tmp/testbuild/lib/db2jcc.jar > Derby Client libraries (derbyclient.jar) > /home/vo136787/derby/tmp/testbuild/lib/derbyclient.jar > NOT FOUND IN CLASS PATH: > Derby tools library (derbytools.jar) > (org.apache.derby.tools.ij not found.) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
